Phylum
The Anatomy of a Malicious Package (Part 2)

malware

Picking up where we left off in the last article, we need to start thinking about improving our situation. To recap, we've now got initial execution on a victim system,

Aaron Bray 28 Aug 2020
The Anatomy of a Malicious Package

What does a malicious package actually look like in practice? We'll walk through some hypothetical exercises to see how malware generally works, and what sort of functions we might expect,

Aaron Bray 21 Aug 2020
The State of the NPM Ecosystem

What does the upstream for major packages really look like? Over the past few years, the shape of the open source ecosystem landscape has shifted drastically, exploding both in the

Aaron Bray 10 Aug 2020
Typosquatting and Other Attacks Against Open Source Dependencies

In November of 2018 a malicious JavaScript package was identified and subsequently removed from the NPM ecosystem. A nefarious modification was introduced into this package, flatmap-stream, which was then added

Louis Lang 27 Jul 2020


Copyright © phylum.io
